The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

VooDoo Bear's Kapeka Backdoor Targets Critical Infrastructure

Apr 26, 2024 2:28:37 PM / by The Hivemind posted in Threat Bulletin, Critical Infrastructure, ICS, Energy, VooDoo Bear, Kapeka


Related Families: GreyEnergy, Prestige
Verticals Targeted: Critical Infrastructure

Executive Summary

Kapeka, also known as KnuckleTouch, is a novel backdoor used by VooDoo Bear to target entities in Eastern Europe.



Jun 9, 2023 2:23:26 PM / by The Hivemind posted in Critical Infrastructure, ICS, Energy, CosmicEnergy, OT


Verticals Targeted: Energy, Critical Infrastructure

Executive Summary

CosmicEnergy is a novel malware targeting operational technology (OT) and ICS.


Pro-Palestine Group Targets Israeli Chemical Sector

Feb 17, 2023 2:24:12 PM / by The Hivemind posted in Threat Bulletin, Gaza, ICS, Palestine, Chemical, Israel, Electronic, Electronic Quds Force


Verticals Targeted: Chemical

Executive Summary

A recent hacking campaign targeted Israeli chemical sector companies operating in the occupied territories. The threat actor group Electronic Quds Force is responsible for the campaign. This threat bulletin is provided for situational awareness.

Key Takeaways

